phpcentoscentos7
ClamAV occur error socket_connect(): unable to connect [13]: Permission denied?
My OS: Centos 7, using laravel 5.8, php 7.1:
I using Clamav.php at: https://github.com/kissit/php-clamav-scan to scan virus of a file:
Changed setting of socket file:
private $clamd_sock = "/var/run/clamd.scan/clamd.sock";
This is my simple code in laravel:
$clamav = new Clamav();
echo "Testing a bad file...\n";
if($clamav->scan("/var/www/html/test/storage/logs/clamav_test.txt")) {
echo "YAY, file is safe!\n";
} else {
echo "BOO, file is a virus. Message: " . $clamav->getMessage() . "\n";
}
i had install clamav on centos 7 by url: https://www.hostinger.com/tutorials/how-to-install-clamav-centos7
i had setting:
sudo setsebool -P daemons_enable_cluster_mode 1
and had add user apache to clamscan group
sudo usermod -a -G clamscan apache
I had check exist file socket:
[root@ip-172-31-2-17 centos]# ls -l /var/run/clamd.scan/
total 0
srw-rw-rw-. 1 clamscan clamscan 0 Sep 19 20:49 clamd.sock
But it occur error:
socket_connect(): unable to connect [13]: Permission denied
How can fix this problem?
Solution
Try this solution, it works for me
chmod 755 /var/run/clamd.scan
I've tried with docker.
supervisord.conf:
[supervisord]
nodaemon=true
[program:httpd]
redirect_stderr=true
command=/usr/sbin/httpd -DFOREGROUND
process_name = httpd
[program:clamd]
directory=/
command=clamd -c /etc/clamd.d/scan.conf &
autostart=true
autorestart=true
Dockerfile:
FROM centos:7
# Install Apache
RUN yum -y update
RUN yum -y install httpd httpd-tools
# Install EPEL Repo
RUN rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm \
&& rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
# Install PHP
RUN yum -y install php71w php71w-bcmath php71w-cli php71w-common php71w-gd php71w-intl php71w-ldap php71w-mbstring \
php71w-mysql php71w-pear php71w-soap php71w-xml php71w-xmlrpc
RUN yum -y install git
RUN yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd wget
RUN yum -y install php71w-devel gcc make
RUN yum -y groupinstall "Development tools"
#RUN wget https://datapacket.dl.sourceforge.net/project/php-clamav/0.15/php-clamav_0.15.7.tar.gz
#RUN tar -xvzf php-clamav_0.15.7.tar.gz && cd php-clamav-0.15.7 && phpize && ./configure && make && make install
RUN sed -E -i -e '/<Directory "\/var\/www\/html">/,/<\/Directory>/s/AllowOverride None/AllowOverride All/' /etc/httpd/conf/httpd.conf
RUN sed -E -i -e 's/DirectoryIndex (.*)$/DirectoryIndex index.php \1/g' /etc/httpd/conf/httpd.conf
RUN sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
RUN sed -i 's+#LocalSocket /var/run/clamd.scan/clamd.sock+LocalSocket /var/run/clamd.scan/clamd.sock+g' /etc/clamd.d/scan.conf
RUN cat /etc/clamd.d/scan.conf | grep clamd.sock
RUN sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
RUN freshclam
RUN chmod 755 /var/run/clamd.scan
RUN yum -y install supervisor
RUN yum -y install mc
COPY supervisord.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
CMD ["supervisord", "-n"]
index.php
<?php
require 'Clamav.php';
$sock = "/var/run/clamd.scan/clamd.sock";
if (file_exists($sock)){
echo "";
}else{
echo "$sock not found";
}
$clamav = new Clamav(array('clamd_sock' => $sock));
if($clamav->scan("/var/www/html/scan.txt")) {
echo "YAY, file is safe\n";
} else {
echo "BOO, file is a virus. Message: " . $clamav->getMessage() . "\n";
}
?>
See here